Abstract-In cloud computing, a major role is to provide security to services that may be PaaS (Platform as a
Service), SaaS (Software as a Service), CaaS (Communication as a Service), IaaS (Infrastructure as a
Service), MaaS (Monitoring as a Service), XaaS (X: Platform, Software, Monitoring, Infrastructure). Cloud
computing provides a wide range of services. Large, small and medium businesses are depending on
outsourcing of data services and computation on cloud; this mainly deals with SaaS. Cloud provides a
highly efficient service for the business organizations. These business organizations trust cloud service
providers on their data security. But providing security is highly risky through the third party,
especially in private cloud services. Existing data security methods are not so effective.

A new approach for securing the data from cloud: OTK - "One Time Key Distribution File" is a service that
protects against unauthorized file downloading from the cloud.

Keywords: Cloud Services, Cloud security, KDC: Key Distribution Center



In cloud computing, various businesses, especially startups, small and medium businesses
(SMBs), are opting for outsourcing data and computation to the Cloud for their data storage. This provides
operational efficiency, but comes with greater risks, perhaps the most serious of which are data theft
attacks.





Figure 1 Various Services under cloud computing 



The threat of a malicious insider [1] is well-known to most organizations. This threat is amplified for consumers
of cloud services by the convergence of IT services and customers under a single management domain
under cloud providers with third party, combined with a general lack of transparency into provider process
and procedure. For example, a provider may not reveal how it grants employees access to physical and
virtual assets, how it monitors these employees, or how it analyzes and reports on policy compliance. To
complicate matters, there is often little or no visibility into the hiring standards and practices for cloud
employees. This kind of situation clearly creates an attractive opportunity for an adversary ranging from the
hobbyist unauthorized person, to organized crime, to corporate espionage, or even nation-state sponsored
intrusion. The level of access granted could enable such an adversary to harvest confidential data or gain
complete control over the cloud services with little or no risk of detection.

A recent Twitter incident is one example of a data theft attack from the Cloud. Several Twitter corporate and
personal documents were exfiltrated to the technology website TechCrunch [2], [3], and customers'
accounts, including the account of U.S. President Barack Obama, were illegally accessed [4], [5]. The
attacker used a Twitter administrator's password to gain access to Twitter's corporate documents
on Google's infrastructure as Google Docs. The damage was significant both for Twitter and its
customers.



While this particular attack was launched by an outsider, stealing a customer's admin passwords is much
easier if perpetrated by a malicious insider. Rocha and Correia outline how easily passwords may be stolen by
a malicious insider of the Cloud service provider [6]. The authors also demonstrated how Cloud customers'
private keys might be stolen, and how their confidential data might be extracted from a hard disk. After
stealing a customer's password and private key, the malicious insider gets access to all customer data, while
the customer has no means of detecting this unauthorized access.



Hence by avoiding such type of attacks the third party has to be maintained for OTK in case of any
information being processed. Through the network with the maximum IP access with OTK for third party
admin, providers admin and users.

Key management: Key management is the management of cryptographic keys in a cryptosystem. This includes
dealing with the generation, exchange, storage, use, and replacement of keys. It includes cryptographic
protocol design, key servers, user procedures, and other relevant protocols.



Key management concerns keys at the user level, either between users or systems. This is in contrast to
key scheduling; key scheduling typically refers to the internal handling of key material within the operation
of a cipher.




Successful key management is critical to the security of a cryptosystem. In practice it is arguably the
most difficult aspect of cryptography because it involves system policy, user training, organizational and
departmental interactions, and coordination between all of these elements.

Private cloud - In a private cloud, the infrastructure is provisioned solely for a single organization, and may be
managed internally or by a third party and hosted externally (virtual private cloud). Also in a private cloud,
multiple business units can be separated by multi-tenants and the provider has full knowledge of resource
locations as they own the infrastructure.



Figure 2. Private cloud 



Figure 3. Public Cloud 
Public cloud - In a public cloud, the cloud infrastructure is provisioned by the cloud provider for open use by
any type of customer. The infrastructure may be owned, managed, and operated by a business,
academic, or government organization, or some combination of these entities.

Hybrid cloud - A hybrid cloud is composed of two or more clouds (private, community, or public) that 
remain unique entities but are bound together, offering the benefits of multiple deployment models. A 
hybrid cloud can also consist of multiple cloud systems that are connected in a way that allows programs 
and data to be moved easily from one deployment system to another. 




Figure 4. Hybrid Cloud 



FigureA Services availability 






Service availability - Various services are available in cloud computing for accessing the data, which can
be utilized by cloud users. Every cloud is provided through the third party; hence the services can be
protected by the trusted third party, and only then can the data be accessed in a secure manner when the
end user accesses the data.

ing Cloud with OTK 




The main service of cloud is to store documents, media files etc. Cloud provides public cloud and private cloud.
When the files are stored in public cloud, such files will not have security as they can be downloaded by
any user in the organization. Private cloud needs to provide much higher security for the users, so that the
user's stored files can be accessed by only that user. Unauthorized use of files must be detected and avoided in
the private cloud.



For cloud providers, the problem of providing security of confidential information remains a core security
problem that has not provided the levels of assurance most people desire. Many proposals have
been made to secure remote data in the Cloud using encryption and standard access controls. One needs to
prepare for accidents.



Basic idea of OTK is to avoid unauthorized access of files or documents stored in private cloud. Every user
will be registered with the cloud service provider. Each user will have a user login id and password for his
access. Some old methods require getting permission from the third party to get session keys to communicate
between the cloud providers and users in correspondence with the third party.

With OTK, a login id and password together with session key files are enough to access a file in private cloud
storage. During registration of a user in the cloud, we ask him to register his personal data. This personal data is
validated by a randomly generated 4-digit number, generated with session keys, which will be sent as an SMS
to that mobile as well as the company e-mail id.
Once the user's mobile and e-mail id are registered with his cloud account, the alert service is enabled.
Whenever anyone logs in to the cloud with a login id and password, an alert message will immediately be
sent to the original user's registered mobile as well as e-mail id. If the original user logged in, cloud data services
will not have any security risk.
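
An added example, not code from the paper: one way the registration step's 4-digit code could be issued and checked. The 300-second lifetime, the three-attempt limit and the names `OtkVerifier`, `issue` and `verify` are assumptions; the paper specifies only a random 4-digit number sent by SMS and e-mail.

```python
import hmac
import secrets
import time

CODE_TTL = 300    # seconds a code stays valid (assumed value)
MAX_ATTEMPTS = 3  # wrong guesses allowed per code (assumed value)


class OtkVerifier:
    """Issues and checks the 4-digit code sent to the registered mobile and e-mail."""

    def __init__(self, clock=time.time):
        self._clock = clock
        self._pending = {}  # user_id -> [code, expires_at, attempts_left]

    def issue(self, user_id):
        # secrets rather than random: the code must be unpredictable.
        code = f"{secrets.randbelow(10_000):04d}"
        self._pending[user_id] = [code, self._clock() + CODE_TTL, MAX_ATTEMPTS]
        return code  # handed to the SMS / e-mail gateway, never logged

    def verify(self, user_id, candidate):
        entry = self._pending.get(user_id)
        if entry is None:
            return "no-code"
        code, expires_at, _ = entry
        if self._clock() > expires_at:
            del self._pending[user_id]
            return "expired"
        # Constant-time comparison; bytes avoid errors on non-ASCII input.
        if hmac.compare_digest(code.encode(), candidate.encode()):
            del self._pending[user_id]  # one-time: never accepted twice
            return "ok"
        entry[2] -= 1
        if entry[2] == 0:
            del self._pending[user_id]  # only 10,000 values: cap the guesses
            return "locked"
        return "wrong"
```

A 4-digit code has only 10,000 possible values, so the attempt limit and expiry carry most of the protection here.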




Figure 7. Registration process 

To use the OTFP service in cloud, the cloud server application needs to be combined with a mobile SMS service
provider. The mobile SMS service provider should be able to send SMS to registered mobiles as fast as possible
without fail, so that we can provide high security to the private cloud. We can allow the user to change his
registered mobile number with authentication.

In the cloud data storage, a user stores his data through the cloud service provider into a set of cloud
servers. The cloud servers run on the distributed system. Data redundancy can be applied with the technique of
erasure correcting code to further tolerate faults or server crash as users grows in size. By using an application,
the user interacts with the cloud server via the cloud service provider to access or retrieve his data. In some cases,
the user may need to perform block level operations on his data. The most general forms of these
operations we are considering are block revise, erase, insert and affix [3].

As in the above-mentioned diagram, the security problem occurs in third party to user access through the cloud
server. Regarding this, at the end-user access we have to implement different aspects to use our existing
algorithms effectively. A normal small company can use high-level data security methods by using large keys in
algorithms. The algorithms' limitations will again be dealt with in an excellent manner, whereas earlier,
if we wanted to use algorithms like this, there was a problem of using processing capabilities to encrypt our data.



1 Design Goals 

To make sure the security and dependability for data storage in cloud under the aforementioned antagonist
model, we aim to design efficient mechanisms for dynamic data verification and operation and achieve the
following goals:



I. Storage accuracy: to ensure users that their data are indeed stored appropriately and kept intact all
the time in the cloud.

II. Fast access of user: to effectively locate the malfunctioning server when data access has been
detected.

III. Dynamic data support: to maintain the same level of storage correctness assurance even if users modify,
erase or affix their data files in the cloud.

III. OTK Working in Cloud Computing

The main aim to work OTK within the specific time the third party is going to generate through
confirmation if any problem arise, especially when IP address fails due to assigning some other IP address
to the organization there is of getting authentication. Than introducing the high secure concept as
key is distributed among session key files towards access the data in secure manner also distribution
can be handle in while accessing the data. Here initially the request has made to the third
party to get access, providers to access information. Symmetric schemes require both parties
to share a common secret key towards the mobile and Email ids. Nothing but public keys. To generate
session keys we require public key schemes to acquire valid public keys.




Figure 8. Key Distribution Scenario in Cloud computing 
In the above scenario, users of cloud services initially get permission for accessing data from
cloud providers. Then the third party has to generate a session key for access to the data between cloud
providers and users. The key is provided to the user to communicate with cloud
providers in the corresponding sessions. Then only with the key can the cloud users communicate with cloud
providers, with the alert message sent to the mobile phone and e-mail id.
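
An added example, not the paper's own construction: the scenario above with a third party that issues a one-time session key valid for a fixed session period. The HMAC-SHA256 key derivation, the 120-second period and the names `ThirdParty`, `Provider` and `sign` are assumptions, since the paper does not specify how keys are generated or checked.

```python
import hashlib
import hmac
import secrets
import time

SESSION_TTL = 120  # session period in seconds (assumed value)

def _derive(provider_key, user, nonce, expires):
    # Session key = HMAC(provider's long-term key, ticket fields), so the
    # provider can recompute it from the ticket without storing anything.
    msg = repr((user, nonce, expires)).encode()
    return hmac.new(provider_key, msg, hashlib.sha256).digest()

def sign(session_key, request):
    """User side: authenticate a request with the session key."""
    return hmac.new(session_key, request, hashlib.sha256).digest()

class ThirdParty:
    """Trusted third party sharing a long-term key with the provider."""
    def __init__(self, provider_key, clock=time.time):
        self._key, self._clock = provider_key, clock

    def issue(self, user):
        ticket = (user, secrets.token_hex(16), int(self._clock()) + SESSION_TTL)
        return ticket, _derive(self._key, *ticket)  # both returned to the user

class Provider:
    def __init__(self, provider_key, clock=time.time):
        self._key, self._clock = provider_key, clock
        self._used = set()  # nonces already redeemed (one-time use)
        self.alerts = []    # stand-in for the SMS / e-mail alert queue

    def handle(self, ticket, request, tag):
        user, nonce, expires = ticket
        session_key = _derive(self._key, user, nonce, expires)
        if not hmac.compare_digest(sign(session_key, request), tag):
            return "bad-key"   # altered ticket or wrong session key
        if self._clock() > expires:
            return "expired"   # outside the session period
        if nonce in self._used:
            return "replayed"  # key already used once
        self._used.add(nonce)
        self.alerts.append(f"file access by {user}")
        return "ok"
```

Because the user name and expiry are bound into the derived key, changing either field of the ticket yields a different key and the request is rejected.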

IV. Data Center 

Data center will provide various utilities like Software as a Service, Network Security, and Virtualization etc.
Hence by using data center as a service, the service is utilized through alerts in various methods
like messaging, with sending alerts to the mobile and so on. Providing more and more security to the cloud
is beneficial to both sides, to avoid unauthorized persons, including employees in small positions working
under the organization, accessing authenticated data.




In this paper we propose a new novel approach for securing the data from any cloud. OTK - "One Time Key
Distribution File" is a service that protects against unauthorized file downloading or accessing from any cloud.
Unauthorized user account access and file access will be detected. An alert message and OTK can be sent to
the original user's mobile and e-mail id. Data theft attacks can be avoided in private cloud. Mainly, the user has
to get session keys from the third party to generate a request; within the session period the communication is
possible.



III. Future work 



In providing data security and privacy protection, the fundamental challenges are separation of
sensitive data and access control. Our objective is to design a set of unified identity management and
privacy protection frameworks across applications or cloud computing services. As in cloud computing,
providing protection to our services is a big challenge. In addition, we can link to the work towards
secure pattern connection to the mobile phones as well as for e-mail connections; we can use some pattern
or thumb techniques to provide more dynamic security for cloud users and providers.